Lucene search
K

741 matches found

Packet Storm
Packet Storm
added 2014/02/14 12:0 a.m.38 views

Boxcryptor Cross Site Scripting

============================================= INTERNET SECURITY AUDITORS ALERT 2014-001 - Original release date: February 4, 2014 - Last revised: February 4, 2014 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 CVSSv2 Base Scored - CVE-ID: - =============================================...

7.4AI score
Exploits0
NVD
NVD
added 2014/02/11 5:55 p.m.14 views

CVE-2013-2639

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

4.3CVSS5.6AI score0.01465EPSS
Exploits5References2
Prion
Prion
added 2014/02/11 5:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

4.3CVSS6.1AI score0.01465EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2014/02/11 5:0 p.m.18 views

CVE-2013-2639

Cross-site scripting XSS vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a project folder...

5.6AI score0.01465EPSS
Exploits5References2
CVE
CVE
added 2014/02/11 5:0 p.m.46 views

CVE-2013-2639

CTERA Cloud Storage OS is affected by a Stored XSS in the Project Folder description field. Vulnerable on versions prior to 3.2.29.0 and 3.2.42.0; successful exploitation allows remote attackers to inject arbitrary script/HTML (risk includes possible session data exposure as noted in public write...

4.3CVSS5.8AI score0.01465EPSS
Exploits5References2Affected Software1
0day.today
0day.today
added 2014/02/08 12:0 a.m.42 views

CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS

Exploit for php platform in category web applications OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder that cause javascript code execution and HTML injection. INTRODUCTION CTERA Networks http://www.ctera.combridges the gap between cloud storage and local...

4.3CVSS6.5AI score0.01465EPSS
Exploits5
exploitpack
exploitpack
added 2014/02/07 12:0 a.m.37 views

CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting

CTERA 3.2.29.03.2.42.0 - Persistent Cross-Site Scripting Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User...

4.3CVSS6.2AI score0.01465EPSS
Exploits5
Exploit DB
Exploit DB
added 2014/02/07 12:0 a.m.48 views

CTERA 3.2.29.0/3.2.42.0 - Persistent Cross-Site Scripting

Exploit Title: CTERA Project Folders - Stored XSS Date: 11-Mar-2013 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.ctera.com Version: 3.2.29.0 and 3.2.42.0 Tested on: ctera os CVE : CVE-2013-2639 OVERVIEW Standard Ctera User can define a particular “description” for a ProjectFolder tha...

4.3CVSS6.6AI score0.01465EPSS
Exploits5
The Hacker News
The Hacker News
added 2014/01/16 12:37 a.m.15 views

How to encrypt your files before uploading to Cloud Storage using CloudFogger

In this Internet savvy generation, we want all of our data to be secured at some place. Having backups of your data is always a good idea, whether that data is stored in the Cloud or on your computer. But everyone who is following the Edward Snowden leaks of the NSA's PRISM program now pushed to...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/11/01 10:8 a.m.11 views

How Dark Mail Plans to Build an Open, Secure Email Platform

The new Dark Mail Alliance formed this week by Lavabit and Silent Circle will offer an open platform for secure email that will use existing protocols and cloud storage as a way to evade surveillance. The new system, which should be available next year, is in some ways a throwback to the...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2013/10/21 1:43 p.m.13 views

Fake Dropbox Password Reset Spam Leads to Malware

A new spam campaign has been circulating over the last few weeks aiming to dupe users of the popular cloud storage service Dropbox. The e-mails purport to come from the service but instead lead those who click through to a malware landing page. Some of the emails start off fairly convincingly:...

0.8AI score
Exploits0References4
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.71 views

SEC Consult SA-20130605-0 :: Multiple vulnerabilities in CTERA Portal

SEC Consult Vulnerability Lab Security Advisory 20130605-0 ======================================================================= title: Multiple vulnerabilities in CTERA Portal product: CTERA Portal vulnerable version: 3.1 fixed version: 3.2 impact: Critical homepage: http://www.ctera.com found...

Exploits0
The Hacker News
The Hacker News
added 2013/03/27 1:28 p.m.9 views

Smartphones cache poses huge risk for Cloud Storage Security

A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you're using. Whether you're using a PC, laptop, tablet, smartphone, television, or...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2013/03/27 2:28 a.m.14 views

Smartphones cache poses huge risk for Cloud Storage Security

A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you’re using. Whether you’re using a PC, laptop, tablet, smartphone, television, or...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/01/25 12:0 a.m.59 views

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 6641 / 6643 / 6648)

The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.38, fixing various bugs and security issues. The following security issues have been fixed : - Several buffer overread and overwrite errors in the UDF logical volume descriptor code have been fixed that might have have allowed local...

7.6CVSS7.9AI score0.08738EPSS
Exploits3References68
ThreatPost
ThreatPost
added 2012/04/04 11:29 a.m.10 views

How The Free Market Fails Privacy-Conscious Consumers

Editor’s Note: This is the first of a two-part podcast with security researcher Chris Soghoian. It’s a truism that the pace of technological change outstrips society’s ability to grasp the impact of that change. For the most part, the consequences of this are benign and the remedies...

0.4AI score
Exploits0References9
ThreatPost
ThreatPost
added 2012/01/13 6:53 p.m.6 views

Use the Cloud

When it comes to search and seizure by customs agents, the cloud is your friend. A plethora of online services today make it easy to simply copy your sensitive data – or your entire drive’s contents – up to a hosted storage server. Once again, you’ll want to make sure that the connection to...

0.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2011/09/08 4:35 p.m.18 views

Offline Windows Analysis and Data Extraction (OWADE) - Forensics tool to expose all your online activity

Offline Windows Analysis and Data Extraction OWADE - Forensics tool to expose all your online activity Researchers "Elie Bursztein" from Stanford University in California have managed to bypass the encryption on a PC's hard drive to find out what websites a user has visited and whether they have...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2011/03/18 3:11 p.m.31 views

Greg Hoglund Discusses HBGary Mishap

Greg Hoglund, CTO of HBGary, admits that lackluster security played a central role in the breach that led to the release of some 50,000 company emails, but also disputes common understanding and reported details of the hack, going so far as to say there was actually no hack at all. In an intervie...

Exploits0References5
The Hacker News
The Hacker News
added 2011/01/31 11:25 a.m.9 views

All about Microsoft Windows 8 !

Only Microsoft knows how the abutting adaptation of its Windows operating arrangement will attending and what it will be called, but big changes could be advanced for the OS that assemblage accredit to as "Windows 8." At this year's Consumer Electronics Appearance in Las Vegas, Microsoft appear...

6.7AI score
Exploits0
Rows per page
Query Builder